How to Install mCrypt on CentOS 8
How-to-Guides from Kryotech
What Do I Need?
What is mCrypt?
Essentially the mcrypt extension is a replacement for the classic Unix crypt command. These commands serve as a way to encrypt files on Unix and Linux systems. The php-mcrypt extension serves as a connection between PHP and mcrypt. It provides a way for developers to utilize a wide range of encryption functions without having to make drastic changes to their codebase. It also allows users to encrypt files and/or data streams without having to be cryptography experts.
It should be remembered that as of PHP 7.2 PHP-mcrypt was completely removed, however this presents a problem as a considerable amount of server software titles still rely on this encryption tool. And that is why I invite you to join me on an adventure as we bring back that which has been taken away.
Open Putty
Access the root of your webspace.
Install the operating system prerequisites:
yum install epel-release
Search for the mcrypt libraries in your operating system:
yum search mcrypt
Install the libtomcrypt development libraries:
yum install libtomcrypt-devel.x86_64
Install libmcrypt development libraries:
yum install libmcrypt-devel.x86_64
Only install these two additional libraries if you’re experiencing problems with the first two being recognized:
yum install libmcrypt.x86_64
yum install libtomcrypt.x86_64
If you have Plesk Onyx 12 installed on your server include:
yum install plesk-php71-mcrypt.86_64
Restart Apache service:
service httpd restart
Check if you have installed all the PHP-mcrypt components:
yum list installed | grep mcrypt
Next Steps
There are a lot of popular open-source server applications that use this library, for example OpenCart, Magento or OwnCloud. Unfortunately, however, php-mcrypt is essentially a completely deprecated, dead project. It’s been unmaintained for over 10 years. The last version, 2.6.8, was released in 2008! Php-mcrypt only came in AES-128 and AES-256 flavors; however, if you require something more substantial, you’ll need Rijndael-512.
If you’d like to test some of the capabilities of php-mcrypt, check out a website I created some years ago called Kryptonox. Created originally in 2018, the website gives you the ability to drag and drop files to be encrypted, decrypted or analyzed.
Conclusion
Personally, I’d recommend maintaining a regular review of any of your server applications which rely on php-mcrypt, due to its effective ‘dead status’. For your own development projects, I have one simple recommendation — just don’t use it. Just don’t use it period. There are a number of more favorable and better-supported alternatives. For example:
OpenSSL is a tough, expansive toolkit for the TLS (transport layer security) and SSL (secure server layer) protocols. Regularly updated, peer-reviewed, and community-focused
libSodium is a comparatively new library suitable for encryption, decryption, signatures, password hashing, and a lot more. Featuring portability, cross-compatibility, and APIs
php-Encryption is a mature library used for encrypting data with a key or password in PHP. It requires OpenSSL as a prerequisite
For your own development projects, production, consumer, corporate or enterprise, I’d recommend using PureKit by Virgil Security. PureKit is an open-source security framework for enabling post-compromise protection for stored data and features:
- per-user and role-based data encryption
- password protection against hacking
- management of data encryption keys
- secure data and file sharing
It also allows a developer to protect user’s passwords and data from hacking, penetration, data leakage, and securely shares data. The framework can be used for practically any application or use case requiring, database, or login systems, that use passwords. Open-source, peer-reviewed and regularly updated, it’s definitely the way to go. Go Virgil!
